Common Vulnerabilities and Exposures assigned an identifier CVE-2007-6304 to the following vulnerability: The federated engine in MySQL 5.0.x before 5.0.52, 5.1.x before 5.1.23, and 6.0.x before 6.0.4, when performing a certain SHOW TABLE STATUS query, does not properly handle a response with a small number of columns, which allows remote MySQL servers to cause a denial of service (federated handler crash and daemon crash) via a response that lacks the minimum required number of columns. References: http://bugs.mysql.com/bug.php?id=29801 http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-52.html http://dev.mysql.com/doc/refman/5.1/en/news-5-1-23.html http://dev.mysql.com/doc/refman/6.0/en/news-6-0-4.html
This one is a non-issue for us, because we don't enable the federated storage engine.
Red Hat Enterprise Linux and Fedora mysql packages are not affected by this issue. MySQL versions as shipped in Red Hat Enterprise Linux 2.1, 3, and 4 do not support federated storage engine at all. MySQL packages as shipped in Red Hat Enterprise Linux 5 and Fedora are not compiled with support for federated storage engine.